I have read a security magazine and watched a webinar on blueskybroadcast. The CPEs for these activities have been automatically credited to my account. However, I noticed that the domains for both of these activities were not indicated as part of the automatic credit.
May I know if this is a normal outcome of an automatic credit/submission of CPE? Is there anything I need to do?
As long as the status is "Accepted" and the number of credits are correct, I would not worry about anything else.
That said, I do recommend keeping parallel records for each CPE you submit. Personally, I send myself an email that includes whatever I think they may want if they chose that particular CPE for audit. Oftentimes, this is a screen shot of the completion certificate, a link to the web page, a personal attestation, or whatever else seems relevant at the moment. So far, I have been audited twice and my parallel record was enough to close the case with very little discussion.
The parallel records also give me some sense of comfort in being able to correct my own records if the CPE database were to somehow become corrupted. I also download a CPE report when I reach a milestone (e.g. an anniversary) so I can demonstrate my progress if anyone asks. Here's hoping that the details are returned to the reports before my next anniversary .
William (@denbesten) gave us one observation and two valuable suggestions that together demonstrate how badly the new CPE portal was designed.
Observation: Domains don't matter as long as the submission is accepted [implied:as Type A].
Suggestion 1: Keep your own annotated CPE event record, with sufficient detail to respond to audits from (ISC)2.
Suggestion 2: Download a CPE transcript at intervals. ( I usually have done this at the end of each anniversary year.)
BIG Problem in new CPS Portal:
The transcripts show the domain of the event but not the activity itself. Double hit on William's reply!
With no assigned domain, what does the transcript show credit for, and with no event description, the certified member cannot cross-audit personal records with the transcript to confirm complete and accurate CPE records at (ISC)2.
HEY, (ISC)2 PEOPLE! FIX THE DARN TRANSCRIPTS!!
To be fair, parallel records are more about my personal bias towards a strong defense. I did this even with the old CPE system because I do not want to lose my CISSP due to anyone's record keeping errors.
Domains don't matter as long as the submission is accepted...
That was not exactly my position. The only thing that matters to me regarding CPEs is meeting the required totals. Details are irrelevant to me until audited, and I keep good enough parallel records to pass any audit.
The true bug here is that the database should constrain the domain to be non-empty and the bulk input validators should check for its presence. Looking at my own report, I see empty domains for both current and old (2016) entries. The ethical thing would be to notifiy (ISC)² so that they can add this to their bug list. By tagging @amandavanceISC2, I am sure this will happen on Monday.
The transcripts show the domain of the event but not the activity itself.
I don't know if you are aware of it, but if you set your window to about 8 inches wide, you maximize the amount of title you see on the tabbed report. You can also copy/paste the entire page into Word to completely avoid the truncation. Although neither pretty nor sortable, it is functional.
(ISC)² says they are working on improving the reports and to expect an update within "weeks". Since there are workarounds, I am not going to stress over the timing or the details.
To confirm, we are working on making updates to the CPE portal as previously mentioned.The transcripts will provide much more information regarding each CPE submission.